From: lmccarth@ducie.cs.umass.edu
To: cypherpunks@toad.com
Message Hash: 37dc698202e3aa406468aff6ac65407b6764741ee917b53c1b13c9c936f414f4
Message ID: <199412020218.VAA06287@bb.hks.net>
Reply To: N/A
UTC Datetime: 1994-12-02 02:14:01 UTC
Raw Date: Thu, 1 Dec 94 18:14:01 PST
From: lmccarth@ducie.cs.umass.edu
Date: Thu, 1 Dec 94 18:14:01 PST
To: cypherpunks@toad.com
Subject: public accounts / PGP / passphrases
Message-ID: <199412020218.VAA06287@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain
[This message has been signed by an auto-signing service.
A valid signature means only that it has been received at
the address belonging to the signature and forwarded.]
-----BEGIN PGP SIGNED MESSAGE-----
- -----BEGIN PGP SIGNED MESSAGE-----
Hal writes:
> Just create a special key for your netcom account. Use no pass phrase;
> using one would give a misleading sense of security IMO. Just pass your
> mail through "pgp -saft" or equivalent and you've got it. It is easy to
> do this from most editors.
Could someone please elaborate on the foolishness of using PGP with a
passphrase on a public machine (as I do) ? Am I wrong in thinking that my
secret key is useless to an intruder until she guesses my passphrase ? I
have no net access except via an account on a public machine, so I'm not
about to start storing my secret key elsewhere, but I'll change my passphrase
to <null> if it's irrelevant anyway. I just reviewed the PGP docs a bit and
Phil says "Nobody can use your secret key file without this pass phrase.",
which seems to contradict what many people on the list have said.
- - -L. Futplex McCarthy; PGP key by finger or server
"Don't say my head was empty, when I had things to hide...." --Men at Work
- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1
iQCVAwUBLt6Cq2f7YYibNzjpAQF3KwP/ZgxKliBQe+BQ+Q0FfiN9ycxTRWRHlPWY
qF4iqmxT70uWLm6hsSX6A88EKv1E+k4mfYhVAnT8XQCTp2wEYMVOHvlFJQiKHOCj
55Cot8bL7JCrJ+lUIDdCPOnNra61F2cc+S26EyB5jIKvudzkPLsWI49galG201M7
ILld5lrJhAw=
=vc9N
- -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQBFAwUBLt6D+ioZzwIn1bdtAQGz5gF+Kokq6ZW/HpgRWowG2/+3QB913tJD2opJ
+gKNrxqTK40qzj/8pdNNpreKYrf4rWIi
=9YBk
-----END PGP SIGNATURE-----
Return to December 1994
Return to “mpd@netcom.com (Mike Duvos)”